﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;

public partial class Repair : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        int Login = System.Convert.ToInt32(Session["IsLogin"]);
        if (Login !=1)
        {
            Response.Redirect("Login.aspx");
            Response.End();
        }
        string hy = "";
        string userid = Session["UserId"].ToString();
        if (userid != "")
        {
            SqlConnection sqlcon = new SqlConnection();
            sqlcon.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionStringProManage"].ToString();
            try
            {
                sqlcon.Open();
                string sql = "select name from Users where uername=@userid";
                SqlCommand cmd = new SqlCommand();
                cmd.CommandText = sql;
                cmd.CommandType = CommandType.Text;
                cmd.Connection = sqlcon;
                SqlParameter pid = new SqlParameter("@userid", SqlDbType.VarChar, 10);  //sql防注入攻击
                pid.Value = userid;
                cmd.Parameters.Add(pid);
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            hy = reader[0].ToString();
                        }

                    }
                }
            }
            finally
            {
                sqlcon.Close();
            }
        }
        Login_Welcome.Text = "欢迎您，工程师 " + hy + " !";    // + "<small>(" + DateTime.Now.ToString() + ")</small>";
    }
}